An issue exists in ZZZCMS zzzphp V1.6.1. In the inc/zzz_template.php file, the parserIfLabel() function's filtering is not strict, resulting in PHP code execution, as demonstrated by the if:assert substring.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zzzcms zzzphp 1.6.1 |